diff --git a/examples/helm3/components/apache/datasource.libsonnet b/examples/helm3/components/apache/datasource.libsonnet index c4493eae..7925ea12 100644 --- a/examples/helm3/components/apache/datasource.libsonnet +++ b/examples/helm3/components/apache/datasource.libsonnet @@ -1,10 +1,14 @@ { objects: import 'data://helm/apache?config-from=apache-config', config: { + name: 'mock-release', options: { repo: 'https://charts.bitnami.com/bitnami', + version: '11.2.17', + namespace: 'foobar', }, values: { + key: 'value', }, }, } diff --git a/vm/internal/ds/helm3/testdata/apache.json b/vm/internal/ds/helm3/testdata/apache.json index b2a7589d..7d13a412 100644 --- a/vm/internal/ds/helm3/testdata/apache.json +++ b/vm/internal/ds/helm3/testdata/apache.json @@ -1,4 +1,86 @@ [ + { + "apiVersion": "networking.k8s.io/v1", + "kind": "NetworkPolicy", + "metadata": { + "labels": { + "app.kubernetes.io/instance": "mock-release", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "apache", + "app.kubernetes.io/version": "2.4.62", + "helm.sh/chart": "apache-11.2.17" + }, + "name": "mock-release-apache", + "namespace": "foobar" + }, + "spec": { + "egress": [ + {} + ], + "ingress": [ + { + "ports": [ + { + "port": 8080 + }, + { + "port": 8443 + } + ] + } + ], + "podSelector": { + "matchLabels": { + "app.kubernetes.io/instance": "mock-release", + "app.kubernetes.io/name": "apache" + } + }, + "policyTypes": [ + "Ingress", + "Egress" + ] + } + }, + { + "apiVersion": "policy/v1", + "kind": "PodDisruptionBudget", + "metadata": { + "labels": { + "app.kubernetes.io/instance": "mock-release", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "apache", + "app.kubernetes.io/version": "2.4.62", + "helm.sh/chart": "apache-11.2.17" + }, + "name": "mock-release-apache", + "namespace": "foobar" + }, + "spec": { + "maxUnavailable": 1, + "selector": { + "matchLabels": { + "app.kubernetes.io/instance": "mock-release", + "app.kubernetes.io/name": "apache" + } + } + } + }, + { + "apiVersion": "v1", + "automountServiceAccountToken": false, + "kind": "ServiceAccount", + "metadata": { + "labels": { + "app.kubernetes.io/instance": "mock-release", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "apache", + "app.kubernetes.io/version": "2.4.62", + "helm.sh/chart": "apache-11.2.17" + }, + "name": "mock-release-apache", + "namespace": "foobar" + } + }, { "apiVersion": "v1", "kind": "Service", @@ -7,7 +89,8 @@ "app.kubernetes.io/instance": "mock-release", "app.kubernetes.io/managed-by": "Helm", "app.kubernetes.io/name": "apache", - "helm.sh/chart": "apache-10.1.0" + "app.kubernetes.io/version": "2.4.62", + "helm.sh/chart": "apache-11.2.17" }, "name": "mock-release-apache", "namespace": "foobar" @@ -43,7 +126,8 @@ "app.kubernetes.io/instance": "mock-release", "app.kubernetes.io/managed-by": "Helm", "app.kubernetes.io/name": "apache", - "helm.sh/chart": "apache-10.1.0" + "app.kubernetes.io/version": "2.4.62", + "helm.sh/chart": "apache-11.2.17" }, "name": "mock-release-apache", "namespace": "foobar" @@ -66,7 +150,8 @@ "app.kubernetes.io/instance": "mock-release", "app.kubernetes.io/managed-by": "Helm", "app.kubernetes.io/name": "apache", - "helm.sh/chart": "apache-10.1.0" + "app.kubernetes.io/version": "2.4.62", + "helm.sh/chart": "apache-11.2.17" } }, "spec": { @@ -90,6 +175,7 @@ ] } }, + "automountServiceAccountToken": false, "containers": [ { "env": [ @@ -107,17 +193,16 @@ } ], "envFrom": null, - "image": "docker.io/bitnami/apache:2.4.57-debian-11-r134", + "image": "docker.io/bitnami/apache:2.4.62-debian-12-r8", "imagePullPolicy": "IfNotPresent", "livenessProbe": { "failureThreshold": 6, - "httpGet": { - "path": "/", - "port": "http" - }, "initialDelaySeconds": 180, "periodSeconds": 20, "successThreshold": 1, + "tcpSocket": { + "port": "http" + }, "timeoutSeconds": 5 }, "name": "apache", @@ -143,14 +228,56 @@ "timeoutSeconds": 5 }, "resources": { - "limits": {}, - "requests": {} + "limits": { + "cpu": "150m", + "ephemeral-storage": "2Gi", + "memory": "192Mi" + }, + "requests": { + "cpu": "100m", + "ephemeral-storage": "50Mi", + "memory": "128Mi" + } }, "securityContext": { + "allowPrivilegeEscalation": false, + "capabilities": { + "drop": [ + "ALL" + ] + }, + "privileged": false, + "readOnlyRootFilesystem": true, + "runAsGroup": 1001, "runAsNonRoot": true, - "runAsUser": 1001 + "runAsUser": 1001, + "seLinuxOptions": {}, + "seccompProfile": { + "type": "RuntimeDefault" + } }, - "volumeMounts": null + "volumeMounts": [ + { + "mountPath": "/opt/bitnami/apache/conf", + "name": "empty-dir", + "subPath": "app-conf-dir" + }, + { + "mountPath": "/opt/bitnami/apache/logs", + "name": "empty-dir", + "subPath": "app-logs-dir" + }, + { + "mountPath": "/tmp", + "name": "empty-dir", + "subPath": "tmp-dir" + }, + { + "mountPath": "/opt/bitnami/apache/var/run", + "name": "empty-dir", + "subPath": "app-tmp-dir" + } + ] } ], "hostAliases": [ @@ -161,11 +288,69 @@ "ip": "127.0.0.1" } ], + "initContainers": [ + { + "args": [ + "-ec", + "#!/bin/bash\n\n. /opt/bitnami/scripts/libfs.sh\n# We copy the logs folder because it has symlinks to stdout and stderr\nif ! is_dir_empty /opt/bitnami/apache/logs; then\n cp -r /opt/bitnami/apache/logs /emptydir/app-logs-dir\nfi\n" + ], + "command": [ + "/bin/bash" + ], + "image": "docker.io/bitnami/apache:2.4.62-debian-12-r8", + "imagePullPolicy": "IfNotPresent", + "name": "preserve-logs-symlinks", + "resources": { + "limits": { + "cpu": "150m", + "ephemeral-storage": "2Gi", + "memory": "192Mi" + }, + "requests": { + "cpu": "100m", + "ephemeral-storage": "50Mi", + "memory": "128Mi" + } + }, + "securityContext": { + "allowPrivilegeEscalation": false, + "capabilities": { + "drop": [ + "ALL" + ] + }, + "privileged": false, + "readOnlyRootFilesystem": true, + "runAsGroup": 1001, + "runAsNonRoot": true, + "runAsUser": 1001, + "seLinuxOptions": {}, + "seccompProfile": { + "type": "RuntimeDefault" + } + }, + "volumeMounts": [ + { + "mountPath": "/emptydir", + "name": "empty-dir" + } + ] + } + ], "priorityClassName": "", "securityContext": { - "fsGroup": 1001 + "fsGroup": 1001, + "fsGroupChangePolicy": "Always", + "supplementalGroups": [], + "sysctls": [] }, - "volumes": null + "serviceAccountName": "mock-release-apache", + "volumes": [ + { + "emptyDir": {}, + "name": "empty-dir" + } + ] } } }